Change the interface of X509_CA::sign_request as follows:

- The allow_ca policy value is no longer checked. Callers should check if the request is for a CA cert and treat it accordingly; this makes it simpler to to case-by-case decisions (expecially among multiple threads) - Instead of a single time value, a u32bit representing the number of seconds from now the certificate should expire, the start and end times are passed explicitly as two X509_Time values.
author: lloyd <[email protected]> 2008-04-10 04:39:58 +0000
committer: lloyd <[email protected]> 2008-04-10 04:39:58 +0000
commit: fd717509a0547faa4384b351635a85f7315f2eaa (patch)
tree: 1abd16dc7dba49bd9b52f76e8351e5eac9f1a96e /checks
parent: 4e9d101a1b18316fe14829a52c1e4df20208aa5d (diff)
1 files changed, 7 insertions, 2 deletions
diff --git a/checks/x509.cpp b/checks/x509.cpp
index c07aaf761..6e6dad60c 100644
--- a/checks/x509.cpp
+++ b/checks/x509.cpp
@@ -96,9 +96,14 @@ void do_x509_tests()
 
    /* Sign the requests to create the certs */
    std::cout << '.' << std::flush;
-   X509_Certificate user1_cert = ca.sign_request(user1_req);
+   X509_Certificate user1_cert =
+      ca.sign_request(user1_req, X509_Time("2008-01-01"),
+                                 X509_Time("2100-01-01"));
+
    std::cout << '.' << std::flush;
-   X509_Certificate user2_cert = ca.sign_request(user2_req);
+   X509_Certificate user2_cert = ca.sign_request(user2_req,
+                                                 X509_Time("2008-01-01"),
+                                                 X509_Time("2100-01-01"));
    std::cout << '.' << std::flush;
 
    X509_CRL crl1 = ca.new_crl();
author	lloyd <[email protected]>	2008-04-10 04:39:58 +0000
committer	lloyd <[email protected]>	2008-04-10 04:39:58 +0000
commit	fd717509a0547faa4384b351635a85f7315f2eaa (patch)
tree	1abd16dc7dba49bd9b52f76e8351e5eac9f1a96e /checks
parent	4e9d101a1b18316fe14829a52c1e4df20208aa5d (diff)